• Toute la Communauté
    • Toute la Communauté
    • Forums
    • Idées
    • Blogs
Avancé

Pas ce que vous cherchiez ? Demandez aux experts !

Ce sujet a besoin d'une solution.
Remerciements0

TCP Port 1025 is not being blocked by NIS 2009.

Greetings:

I use various method to test the security on my system and I noticed that TCP port 1025 is not being blocked by NIS2009.

When I went to www.grc.com and performed a ShieldsUP! Port test, it failed only on that one, indicating that the Port is open.

Under protocol and application, it shows "blackjack - network blackjack."

Normally, my system is very secure. Here is some additional info: http://www.grc.com/port_1025.htm

What's up?

SN

Message Edited by Smart_Neuron on 06-12-2009 01:24 PM

Réponses

Remerciements0

Re: TCP Port 1025 is not being blocked by NIS 2009.

Smart_Neuron,

There have been several discussions on the ShieldsUp test here.  Are you certain it was testing your network adapter and not your router or ISP switch / proxy?  I run NIS2009 with default settings and all ports are closed / stealthed on ShieldsUp.

Win10 x64; Proud graduate of GeeksToGo
Remerciements0

Re: TCP Port 1025 is not being blocked by NIS 2009.

Hi dbrisendine:

The test shows me my IP Address, which is correct.

I am connected to the Internet right now without a router - directly to the broadband modem.

"Stealth Blocked Ports" setting in NIS 2009 is in the on position.

BTW, I am running XP, SP3.

SN

Message Edited by Smart_Neuron on 06-12-2009 01:47 PM
Remerciements1 Stats

Re: TCP Port 1025 is not being blocked by NIS 2009.

And the address in the first page of the ShieldsUp (the one where you enter the site) site is exactly what your network card is in your computer?  If your card / adapter in your system has IP 123.45.67.890 assigned to it, this is exactly what shows up there on that page, no other words or URL adders, correct?  I ask this because some people have tried this test before and did not understand this page or what it was telling them (not saying anything about you but if 123.45.67.890your.service.ISP is listed then this IS NOT your network adapter) .

Anyway you can test this out by making a manual rule that will block this port in the Internet Settings > Smart Firewall > Advanced Settings > General Rules.

Add a rule, set it to block the Local Port 1025 and when you finish the rule, move it all the way to the top of the list. Click Apply for the rule to take affect and then run the ShieldsUp test again.

Let us know the results please.

Win10 x64; Proud graduate of GeeksToGo
Remerciements0

Re: TCP Port 1025 is not being blocked by NIS 2009.

Hi dbrisendine:

Correct. The IP address directly represents the NIC in the PC.

Let me create the manual rule, and get right back to you. I don't understand why NIS 2009 is not blocking it. Strange.

Thanks.

SN

Remerciements0

Re: TCP Port 1025 is not being blocked by NIS 2009.

Hey dbrisendine:

I created the Manual Rule and it passed the GRC tests without incident.

Thank you!

Perhaps you can explain why NIS didn't stealth it in the first place.

That scares me.

SN

Message Edited by Smart_Neuron on 06-12-2009 02:20 PM
Remerciements0

Re: TCP Port 1025 is not being blocked by NIS 2009.

Look in your Firewall history log and see if there was any previous connections on this port prior to your tests.  I'm wondering if the broadband company is leaving / hitting the port to see if you are online or for service issues (in case they need to do something) .  Like I was saying earlier, I'm running the same program (NIS2009 v16.5.0.135 [134 is the same]) and I get a clean score everytime.
Win10 x64; Proud graduate of GeeksToGo
Remerciements0

Re: TCP Port 1025 is not being blocked by NIS 2009.

Hi dbrisendine:

If you look at my other post you replied to (History Logs) you will see that by deleting the Recent History also deleted the Firewall Logs.

However, in the past 10 minutes, I have not seen any suspicious activity.

Question for you...

If the port is now blocked, will NIS still report a "hit" in the History Logs?

Thanks.

SN

Remerciements0

Re: TCP Port 1025 is not being blocked by NIS 2009.

If you open the rule that you made, there will be a tab for tracking.  If you check that it will be included in the log.
Under certain circumstances profanity provides relief denied even to prayer.Mark Twain
Remerciements0

Re: TCP Port 1025 is not being blocked by NIS 2009.

Hi delphinium:

So you are saying that if I didn't check the tab, the History Logs wouldn't record it?

Am I correct?

Thanks.

SN

Message Edited by Smart_Neuron on 06-12-2009 02:49 PM
Remerciements0

Re: TCP Port 1025 is not being blocked by NIS 2009.

That is correct; logging takes place if the manual rule askes for it only.
Win10 x64; Proud graduate of GeeksToGo
Remerciements0

Re: TCP Port 1025 is not being blocked by NIS 2009.

Hi dbrisendine:

OK, understood - keeps the logging in control.

One last question ...

If I didn't move that rule to the top, it still would have been processed anyway, right?

I know that the rules process in top-down order.

Thanks again, SN

Message Edited by Smart_Neuron on 06-12-2009 03:21 PM
Remerciements0

Re: TCP Port 1025 is not being blocked by NIS 2009.

Yes it would be processed unless something else would have blocked the rule / packet first.  That was why I said to move it to the top.
Win10 x64; Proud graduate of GeeksToGo

This thread is closed from further comment. Please visit the forum to start a new thread.